{ "id": "CVE-2024-26673", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2024-04-02T07:15:43.967", "lastModified": "2024-11-21T09:02:49.017", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations\n\n- Disallow families other than NFPROTO_{IPV4,IPV6,INET}.\n- Disallow layer 4 protocol with no ports, since destination port is a\n mandatory attribute for this object." }, { "lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: netfilter: nft_ct: desinfecta el n\u00famero de protocolo de capa 3 y 4 en expectativas personalizadas - No permitir familias que no sean NFPROTO_{IPV4,IPV6,INET}. - No permitir el protocolo de capa 4 sin puertos, ya que el puerto de destino es un atributo obligatorio para este objeto." } ], "metrics": {}, "references": [ { "url": "https://git.kernel.org/stable/c/0f501dae16b7099e69ee9b0d5c70b8f40fd30e98", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }, { "url": "https://git.kernel.org/stable/c/38cc1605338d99205a263707f4dde76408d3e0e8", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }, { "url": "https://git.kernel.org/stable/c/65ee90efc928410c6f73b3d2e0afdd762652c09d", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }, { "url": "https://git.kernel.org/stable/c/8059918a1377f2f1fff06af4f5a4ed3d5acd6bc4", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }, { "url": "https://git.kernel.org/stable/c/b775ced05489f4b77a35fe203e9aeb22f428e38f", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }, { "url": "https://git.kernel.org/stable/c/cfe3550ea5df292c9e2d608e8c4560032391847e", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }, { "url": "https://git.kernel.org/stable/c/f549f340c91f08b938d60266e792ff7748dae483", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" }, { "url": "https://git.kernel.org/stable/c/0f501dae16b7099e69ee9b0d5c70b8f40fd30e98", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://git.kernel.org/stable/c/38cc1605338d99205a263707f4dde76408d3e0e8", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://git.kernel.org/stable/c/65ee90efc928410c6f73b3d2e0afdd762652c09d", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://git.kernel.org/stable/c/8059918a1377f2f1fff06af4f5a4ed3d5acd6bc4", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://git.kernel.org/stable/c/b775ced05489f4b77a35fe203e9aeb22f428e38f", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://git.kernel.org/stable/c/cfe3550ea5df292c9e2d608e8c4560032391847e", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://git.kernel.org/stable/c/f549f340c91f08b938d60266e792ff7748dae483", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "source": "af854a3a-2127-422b-91ae-364da2661108" } ] }